版權說明:本文檔由用戶提供并上傳,收益歸屬內容提供方,若內容存在侵權,請進行舉報或認領
文檔簡介
EnhancingSecurityofAI-BasedCodeSynthesiswithGitHubCopilotviaCheapandEfficientPrompt-Engineering
JakubRes
ir
esj@fit.vut.cz
BrnoUniversityofTechnology,FacultyofInformationTechnologyCzechRepublic
Ale?Smr?ka
smr
cka@fit.vut.cz
BrnoUniversityofTechnology,FacultyofInformationTechnologyCzechRepublic
ABSTRACT
IvanHomoliak
ihomoliak@fit.vut.cz
BrnoUniversityofTechnology,
FacultyofInformationTechnologyCzechRepublic
KamilMalinka
malinka@fit.vut.cz
person*newPerson=(person*)malloc(sizeof(person));newPerson->status=0;
BrnoUniversityofTechnology,FacultyofInformationTechnologyCzechRepublic
MartinPere?íni
iper
esini@fit.vut.cz
BrnoUniversityofTechnology,FacultyofInformationTechnologyCzechRepublic
PetrHanacek
hanacek@fit.vut.cz
BrnoUniversityofTechnology,FacultyofInformationTechnologyCzechRepublic
arXiv:2403.12671v1
[cs.CR]
19
Mar2024
AIassistantsforcodingareontherise.Howeveroneofthereasonsdevelopersandcompaniesavoidharnessingtheirfullpotentialisthequestionablesecurityofthegeneratedcode.Thispaperfirstreviewsthecurrentstate-of-the-artandidentifiesareasforim-provementonthisissue.Then,weproposeasystematicapproachbasedonprompt-alteringmethodstoachievebettercodesecurityof(evenproprietaryblack-box)AI-basedcodegeneratorssuchasGitHubCopilot,whileminimizingthecomplexityoftheapplica-tionfromtheuserpoint-of-view,thecomputationalresources,andoperationalcosts.Insum,weproposeandevaluatethreepromptalteringmethods:(1)scenario-specific,(2)iterative,and(3)generalclause,whilewediscusstheircombination.Contrarytotheauditofcodesecurity,thelattertwooftheproposedmethodsrequirenoexpertknowledgefromtheuser.WeassesstheeffectivenessoftheproposedmethodsontheGitHubCopilotusingtheOpenVPNprojectinrealisticscenarios,andwedemonstratethattheproposedmethodsreducethenumberofinsecuregeneratedcodesamplesbyupto16%andincreasethenumberofsecurecodebyupto8%.SinceourapproachdoesnotrequireaccesstotheinternalsoftheAImodels,itcanbeingeneralappliedtoanyAI-basedcodesynthesizer,notonlyGitHubCopilot.
INTRODUCTION
WiththereleaseofChatGPT[
1
],publicattentionshiftedtowardsAIassistanttools.Theseassistantsareproficientinmanyareas,includingsoftwareengineeringorcoding.TheadventofAIcodingassistantsmeanstransitioningfromintelligentcode-completiontoolstocode-generatingtools.AlthoughtheseAIassistantsarefarfromperfect,intermsofsolvingcodingproblems,arecentmodelAlphaCode2,proposedbyDeepmind,scoredbetterthanover85%ofhumancompetitors[
9
].
AccordingtoLiangetal.[
11
]inthesurveywith410Githubusers’responses,70%ofrespondentswhohadexperienceswithGithubCopilotutilizeitatleastonceinamonthwhile46%utilizetheAIassistantdaily.ThemostfrequentreasonsfordevelopersusingAIassistantswerefewerkeystrokestowritecodeandfastercoding.DuetotherapidlyrisingpopularityofAIassistants,researchersstartedtofocusonstudyingthequalityofthesynthesizedcodeand
Fig.1:ExampleofsecurityissuegeneratedbyAI.Thesce-nariocomesfromthedatasetproposedin[
17
].
waysofimprovingit(see
Sec.5.2
).Whileobservingthevalidityorcorrectness,manystudiesoverlookthecrucialaspectofcode—security.
Inthemotivatingexample,theAIassistantwastaskedwithgeneratingacodesnippettofillagapinthecontextofaCprogram.Itsobjectivewastocreateanewinstanceofthestructure"person"andassignastatusvalueofzerotoit.AlthoughtheAIassistantprovidedareasonablecode(see
Fig.1
),thesnippetcontainCWE-476[
25
](themallocfunctioncouldfailtoallocatememory,thusresultinginaNULLpointerdereference).
Inthisresearch,weaimtostudyvariouswaysofimprovingcodesecuritygeneratedbyanyproprietaryLargeLanguageMod-els(LLMs),andwedemonstrateourapproachonthewell-knownGitHubCopilot[
6
].
Thereexistafewcategoriesforimprovingthecodesynthe-sisofAImodels,suchasoutputoptimization,modelfine-tuning,andpromptengineering,andeachofthemhassomeprosandcons.Inthiswork,wefocusonefficiency,generality,andlowcosts,andthereforepromptengineeringisthemostsuitabletech-niqueforus.Whileliteratureforpromptengineeringismostlygeneral[
14
][
31
][
5
][
4
],wearemorespecificanddeterminefourap-proachestoit,whichwefurtherinvestigate:(1)scenario-specificinformationandwarningproviding,(2)iterativesecurity-specificprompting,(3)generalalignmentshiftingusinginceptionprompt(i.e.,generalclause),(4)cooperativeagentssystem.Inparticular,weexperimentwiththeformerthreeapproachesthatareorthogo-nalintheirprinciples.
Contributions.Thecontributionsofourpaperareasfollows:
WereviewedtheliteratureandidentifiedthreedifferentareasofcodesynthesisimprovementsofLLMs,involving
JakubRes,etal.
EnhancingSecurityofAI-BasedCodeSynthesiswithGitHubCopilotviaCheapandEfficientPrompt-Engineering
optimizingtheoutput,modelfine-tuning,andpromptopti-mizations.
Withthefocusongenerality,speed,andlowcosts,weaimedatpromptengineeringarea,andweproposedasystematicapproachtoenhancingitsgeneratedcodesecuritywiththreemethodsandtheircombinations.
Weevaluatedtheefficiencyofproposedmethodsforpromptalterationonareal-worldprojectOpenVPNandweman-agedtoincreasetheratioofsecurecodegeneratedbyupto8%anddecreasetheratioofgeneratedinsecurecodebyupto16%.
Organization.In
Sec.2
wedefinetheimportanttermsforourpaperandsetadesignspace.In
Sec.3
wedescribetheproposedmethodsofpromptimprovement.In
Sec.4
wedescribethedesignoftheexperiment,methodology,dataset,andassessmentofsecuritywithmeasuredresults.Werefertotherelatedworkin
Sec.5
.Wediscussthelimitationsandareasforfutureresearchin
Sec.6
.In
Sec.7
weconcludeourwork.
BACKGROUNDANDDESIGNSPACE
Prompt.Theprompt,inthecontextofthiswork,referstothetuple:
(1)ataskthatcontainsfunctiondeclarationanditsdescription,(2)codeofthecontext,and(3)theuser-specifiedcodecommentaryrelatedtosecurity.
ImprovementsofCodeSynthesis.Ingeneral,theliteraturecon-tainsthreemainareasofpossibleimprovementstotheLLMcode-generatingabilities(see
Fig.2
):
Outputoptimizing–Thefirstandthemostintuitiveapproachistopost-processtheoutput.OncetheLLMre-spondswitharesult,theobtainedcodeisanalyzedforthepresenceofsecurityissues.Althoughtheoutputcorrec-tionisaddressedbymanyworks[
28
][
30
][
29
],verylittleattentionisgiventothecodesecurity.
Theremaybemultipleimplementationsoftheoutputcor-rectionsystems,eitherbydesigninganothermodeltrainedspecificallyforfixingsecurityissuesorbycombiningstaticanalyzerswithissue-repairingrules.Snyk[
24
]isanexam-pleofanexistingcommercialoutputoptimizerfocusingoncodesecurity.
Modelfine-tuning–Themodelfine-tuningallowsthedeveloperstoadaptthepre-trainedlanguagemodeltobet-terfitaspecifictask[
33
].Itisthemostpreferablesolution
person*newPerson=NULL;
newPerson=(person*)malloc(sizeof(person));if(!newPerson){
printf("Error:Failedtoallocatememoryforperson");
returnEXIT_FAILURE;
}
newPerson->status=0;
Fig.3:Preliminaryresultsofpromptenhancing.
duetotheuserexperiencesincetheusercandirectlyinter-actwiththeimprovedmodelwithoutanyadditionalsteps.However,thismethodrequiresfullaccesstothemodelandimposesahighperformanceoverheadforitsre-training.
Promptoptimizing–Thelastwaytoimprovecodese-curityistooptimizetheuserinput.Asshownbypreviousworks[
17
][
32
][
13
][
8
],theformulationofaninputpromptcouldseverelyaffecttheresultingcodesecurity.Addition-ally,theresultsofNeilPerry,etal.[
18
]indicate,thatitispossibletopositivelyinfluencethegeneratedcodesecuritybyalteringthepromptoraskingtheLLMiteratively.Apartfromoptimizingtheinputprompt(ordirectlytheinputsequenceoftokens),theworkofHeandVechev[
7
]presentsanapplicationoftheconceptofprefixtuning[
10
].However,thisconceptisonlyapplicableincasesofon-premisemodelssinceaccesstotheinternalhiddenstateofmodelsisneeded.
DesignSpace
Althoughmodelfine-tuningmightachievepromisingresults,ithasseveralconssuchasrequiringaccesstothefullmodelofoftenproprietaryarchitectures,itisexpensiveintermsofcomputationresources,anditneedshigh-qualitynewdatatotrainitsmodel(whichisdifficulttocollect/obtain).Outputoptimizingdoesnotrequireaccesstothearchitectureofthemodelnorrequiresexpertknowledge,butithasmanyconsrelatedtostaticanalysisofthecode(i.e.,highfalsenegatives/positivesratesorinabilitytoanalyzeincompletecode).Ontheotherhand,prompt-optimizingisfastandrequiresalmostnocomputationalresources(otherthanre-runningtheLLM);however,itmightrequirecertainexpertknowledgeinsomecases
Input(Prompt)
Model
Output
Inourresearch,weemphasizedlow-performanceoverhead,lowcosts,generality,andavailability.Therefore,wefocusonpromptoptimizationtechniquesasawayofimprovingthesecurityof
Improvements
(3)
Promptoptimizing
(2)
Modelfine-tuning
(1)
Outputoptimizing
AI-generatedcode.Preliminaryresultsofpromptengineeringtech-niquesproposedinourresearchwereappliedtothesametaskasintheintroduction(see
Fig.1
)butwithanadditionalpromptspecificationtofocusonpropersecuritypractices(see
Fig.3
)–thegeneratedcodedoesnotcontainweaknessCWE-476.
Codesynthesispipeline
Whileliteratureforpromptengineeringtechniquesismostlygeneral[
14
][
31
][
5
][
4
],weaimtobemorespecificanddeterminefourapproachestoit,whichwefurtherdetailin
Sec.3
:(1)scenario-specificinformationandwarningproviding,(2)iterativesecurity-
Fig.2:Potentialimprovementsofcodesynthesis.
specificprompting,(3)generalalignmentshiftingusingincep-tionprompt[
8
],(4)cooperativeagentssystem[
19
].
FixtheCWE284-ImproperAccessControl
FixtheCWE435-ImproperInteractionBetweenMultipleCorrectly-
BehavingEntities
FixtheCWE664-ImproperControlofaResourceThroughitsLifetime
FixtheCWE682-IncorrectCalculation
FixtheCWE691-InsufficientControlFlowManagement
FixtheCWE693-ProtectionMechanismFailure
FixtheCWE697-IncorrectComparison
FixtheCWE703-ImproperCheckorHandlingofExceptionalCon-ditions
FixtheCWE707-ImproperNeutralization
FixtheCWE710-ImproperAdherencetoCodingStandards
voidstring_null_terminate(char*str,intlen,intcapacity)
{}
Listing1:Originalprompt
//Becarefulaboutthebufferoverflow,underflowandnulldereference
voidstring_null_terminate(char*str,intlen,intcapacity)
{}
Listing2:Alteredprompt
Fig.4:Exampleofinputpromptalteration.
PROPOSEDAPPROACH
Inthissection,weaimtoexplorethepotentialofthreeofthedeterminedmethodsin
Sec.2.1
–thescenario-specific,theiterative,andthegeneralalignmentshifting(furtherreferredtoasgeneralclause).Thelastdeterminedapproach(i.e.,cooperatingagents)combinesalloftheothermethodsandisthusdependentonthosemethods,weconsideritasadedicatedbranchofresearch;therefore,wedonotdealwithitinthecontextofthiswork.Inthefollowing,wedescribetheparticularapproachesindetail.
Scenario-Specific
ThefirstmethodaimstoprovidespecificinformationaboutthelocalcontexttotheAIassistant.Thepromptthusprovidesnotonlyrequirementsforthecorrectfunctionalityofgeneratedcode,butalsoforspecificsecurity-relatedcharacteristics.
Thewholeidealiesinenumeratingpossibleissuesbasedonthedeveloper’sexperience.Asapartoftheprompt,numerouswarningsandadditionalinformationareprovidedtotheAIassistantaccordingtoexpectedfunctionalityandpossiblesecurityissuesregardingtheparameterscomingtoaparticularblockofcode.
Themaindownsideofthismethodistheexpertknowledgere-quirements.Therefore,tosuccessfullyapplythisapproach,usersareexpectedtohaveatleastabasicawarenessofsecureprogrammingandthepotentialrisksposedbyincorrectlyusedprogrammingstructures.Ontheotherhand,inthecaseofthisapproach,manypromptalterationscanbeautomaticallyproposedtotheuserbasedonthecontextanddatatypes,whichmitigatetheexpertknowledgerequirementsoftheuser.Theexamplein
Fig.4
depictsasinglepromptfortheAIassistantalterationusingtheproposedmethod.
Iterative
Thesecondmethodappliesanaiverepeatedprocesstopromptalterationbymodifyingcommentaryofpreviouslygeneratedcodesample(thatisthepartofthecontextforthecurrentiteration).ItcommunicateswiththeAIassistantiteratively,witheachiterationincorporatingthepreviousoutputwhileaddinginformationorwarning.
ThemostimportantpartofthisapproachistheproperselectionofthesequenceofadditionalinformationpassedtotheLLMineveryround.Thismethodisagnostictothetaskanditscodecontext.Thelistofcommentariesthatisiterativelyappliedshouldbegeneral,
Fig.5:Rulesetfortheiterativemethod.
andthereforecoverawiderangeofsecurityweaknessesandissues.Thankstothat,theuserdoesnotrequireexpertknowledgeandcanbeprovidedwithhighersecurity-levelsuggestions.Forevaluationpurposes,weopttoimplementMitre’sResearchconcepts[
26
]intotheruleset,asseenin
Fig.5
.Thisviewconsistsoftenabstractclasses,eachcoveringafamilyofsecurityweaknesses.Together,theclassesaredesignedtocontainallCWEs.
Theiterativemethodinherentlycomeswithafewadvantages,suchasalmostnorequirementsforsecurityknowledgefromthesideofauser,easeofautomaticimplementation,orapplicationtoalargescopeofmodels.However,thedisadvantages,suchasthenegativeinfluenceofimproperlydesignedruleset,orrequiredcomputationaltimeformultipleiterations,mayoutweightheposi-tivepropertieswithconsiderationofreasonsforapplicationofthismethodinthefuture.
GeneralAlignmentShifting
Themainideaofthisapproach(a.k.a.,generalclause)isinspiredbytheworkofLi,etal.[
8
].Theauthorsproposedtheterminceptionpromptthatdescribesanalignment-settingpromptatthestartofaconversationwithamodel.Weuseadifferentterm(i.e.,generalclause)thantheoriginalauthorssinceourapproachprincipallydiffersbynotfollowingtheconversationpattern.
Theinceptionpromptisaninputmessagethatcomesbeforeanyoftheusersentences.Asforthenatureofourapproach,thegeneralclauseisapartoftheuserprompt(withinthecontext).
/**
Neverforgetyouareasecurityspecialisthelpingwithcodingtasks.
Yourjobistogeneratecodethatissecureandsafe.
Neverforgetthat.
Youarenotaprogrammer,youareasecurityspecialist.
Youwillnevergeneratecodethatcontainssecurityvulnerabilities.
YouwillalwayslookforCWEsinthecodeyouwouldgenerateandfixthem.
**/
Fig.6:Generalclauseusedforexperiments.
Themainadvantageofthismethodisthesimplicityandeaseofimplementation.Asinglewell-craftedcommentaryadditiontotheheaderofthefilecouldimprovethesecurityofthegeneratedcodeinthisparticularfile.
Ontheotherhand,theremaybemajorissueswiththeperfor-manceoftheclausemethod.Forexample,theLLMmayfilteroutthegeneralclauseasirrelevant(dependingonthedecisionofthemodel).Anothersignificantlimitationofthisapproachistheclauseitself.TheclauseneedstobepreciselycuratedtoposeanimpactonthedecisionprocessofLLM.Alikethepreviousmethod,eventhegeneralclausemethodimposesnonetoverylittleexpertknowledgerequirementstotheusers.
EXPERIMENTS
Intheupcomingsection,wedescribetheexperimentdesign(see
Fig.7
).First,wechosetheopen-sourceprojectOpenVPNinsteadoftheconventionaldatasetbecauseitreflectstherealconditionsforoperatingtheGitHubCopilot(i.e.,providingthetaskswithcontext)andthusproducingresultswithhigherimpact.WeusetheGitHubCopilottoconsecutivelysynthesizethefivebestsolutionsforeachselectedtasktosetabaseline.Then,weenhancethecontextandtaskbyaddingsecurity-relatedcommentaryaccordingtothepro-posedmethods.Afterthat,werepeatthesynthesisstep,resultingin100solutions(25pertheenhancementmethod).Attheend,wedescribetheprocessofassessingthesecurityofsynthesizedcodeandmeasuredresults.
Methodology
Althoughmanymodelsanddatasetsareavailable,thispaperfo-cusessolelyonprovingtheconceptofsystematicpromptalteringtoachievebettercodesecurity.Thus,fortheexperimentalpartofthiswork,weusethemostpopularAIcodegeneratortoday[
11
],GitHubCopilot[
6
].Throughouttheexperiments,theparam-etersoftheGitHubCopilotmodelwerekepttothedefault.Foranuntaintedenvironment,acontainerwithapreinstalledGitHubCopilotextensionforVimeditorwassetupandreinitializedaftereachexperimentrun.
Thewholeprocessofexperimentsisdepictedin
Fig.7
.Asstatedbefore,thestudyaimstoevaluatetheeffectivenessofsuggestedmethodsonanopen-sourceprojectinsteadofwell-knowndatasetsforsynthesizedcodeevaluation.Usingtheopensourceprojectcodebase(see
Sec.4.2
),weselectedfivetasksandalteredthemaccordingtothemethodspresentedearlier.Eachofthemethodsisapplieddifferently:
Thescenariomethod–theaddedinformationisinsertedinsideofthecurlybracketsoftheobservedfunction.
Theiterativemethod–eachiterationisforwardedtotheupcomingroundasacommented-outcodewithadditional
Dataset
Scenario
Virtual
renewable LLMresultsenvironment cache
Open-sourceproject
Iterative
LLM
GeneralClause
Securityassesment
Fig.7:Experimentdesignscheme.
Unalteredprompts,consistingonlyoftaskandcontext,wereusedasabaselineforthefinalcomparison.Tocapturedivergenceincom-monresults,weconsecutivelysynthesizedthefivebestsolutionsforeveryprompttoprovidehigherstatisticalsignificance.1
Dataset
Totesttheproposedmethodsofpromptalterationinrealisticcon-ditions,weoptedforacustomexperimentusinganactiveopen-sourceprojectinsteadofusingtheconventionaldataset(suchasHumaEval[
3
],MBXP[
2
],SecurityEval[
23
],orLLMSecEval[
27
]).Wewillreleaseourdatasetuponpublication,includingthesetupofourexperimenttoenablereproducibilityoftheresearch.
TherearemultiplelimitationsofexistingdatasetsforAI-basedcodesynthesis.Mostoftheexistingdatasetsarenotfocusedonsecurityevaluationbutratherontheabilitytosynthesizefunctionalcode.
Ontheotherhand,theexistingsecurity-relateddatasetsconsistofexamplescenariosofvariousCWEswithoutcontext,andtheywereeithergatheredonlineorcraftedbytheauthors.TheCWEsdatasetsaremoresuitableforevaluatingthesynthesizedcodese-curity;however,allthesamplesincludedinthedatasetsareshort,andthuslackingcontext.
OpenVPNProject.Toreflecttherealityofusingtheprogram-mingAIassistant,wechoseprojectOpenVPN.2TheOpenVPNprojectwasselectedduetoitsactivedevelopment,well-documentedsourcecode,andtheprimaryprogramminglanguage–C,whichispronetosecurityissues.
ThefollowingfunctionsfromtheOpenVPNprojectwereselectedastasksfortheexperiment.Eachfunctionwasselectedwithregardtopossiblesecurityissues:
string_null_terminate()–possiblyvulnerabletobufferoverflow/underflowandNULLdereference.(/src/openvpn/buffer.c)
voidstring_null_terminate
(char*str,intlen,intcapacity){}
informationfollowingtheruleset(see
Fig.5
).
(3)Thegeneralclausemethod–theclauseisinsertedrightaftertheoriginalfileheadercommentatthestartofeachsourcecode.
1NotethatGitHubCopilotsynthesizestensolutionsforeachprompt,andwealwaysconsideredonlythebestone.Ontheotherhand,othersynthesizedoptionsmaycontainmoresecurecode.
2
/OpenVPN/openvpn
//Becarefulaboutbufferoverflow/underflow
//Becarefulaboutproperlyterminatingstring
//BecarefulaboutNULLdereference
//Becarefulaboutproperhandlingoffiledescr.
//BecarefulaboutNULLdereference
//Becarefulaboutbufferoverflow/underflow
//BecarefulaboutNULLdereference
//Becarefulaboutintegeroverflow/underflow
//Becarefulaboutbufferoverflow/underflow
//BecarefulaboutNULLdereference
//Becarefulaboutproperindexvalidation
//Becarefulaboutpropermemoryclearing
Fig.8:Scenario-basedpromptsrelatedtoselectedfunctions.
buffer_write_file()–possiblyvulnerabletoincorrectfilehandlemanagementandunknowncustomdatastruc-tureissues.(/src/openvpn/buffer.c)
boolbuffer_write_file
(constchar*filename,conststructbuffer*buf){}
buf_catrunc()–possiblyvulnerabletoout-of-memorywrite,unknowncustomdatastructureissues,andNULLdereference.(/src/openvpn/buffer.c)
voidbuf_catrunc
(structbuffer*buf,constchar*str){}
buf_prepend()–possiblyvulnerabletobufferoverflow/un-derflowandintegeroverflow/underflow.(/src/openvpn/buffer.h)
staticinlineuint8_t*buf_prepend(structbuffer*buf,intsize){}
argv_reset()–possiblyvulnerabletoimproperindexvalidationandmemoryclearing.(/src/openvpn/argv.c)
staticvoidargv_reset(structargv*a){}
Inaccordancewiththeexpectedimplementationissues,thefol-lowingscenariomethodpromptswereprepared–theyareenumer-atedin
Fig.8
inthesameorderasthefunctionsabove.
AssessmentofCodeSecurity
Assessingthesecurityofcodesamplespresentsmanychallenges.Unlikeaspectslikefunctionalityorcorrectness,whichcanbemea-suredthroughcompilation/interpretationormetricslikeCode-BLEU3[
20
],securityevaluationrequiresadifferentapproach.
However,nosuchpracticehasbeenestablishedforanalyzingthegeneratedcodesecurity.Ingeneral,therearetwoapproaches
3Thismetriccombinesn-gramcomparison,syntaxtreeanalysis,andsemanticchecks.
totheassessmentofcodesecurity,bothintheformofautomaticandmanualevaluation:
Staticanalysis:analysisofthesourcecode.Thisprocessdoesnotrequireprogramexecution.Therearemanyauto-matictoolsforstaticanalysistools[
16
].
Dynamicanalysis:analysisoftheexecutedprogramtraces.Themosteffectivetechniqueinanalyzingsecurityisfuzztesting[
15
].Thisapproachistypicallyusedincaseswhereoneneedstofindweaknessesoriginatingfromcomplexprogramlogic.
Inourresearch,wechosenottouseauxiliarystaticanalysistoolduetoahighrateoffalsenegatives.Instead,weoptedformanualcodeinspection,giventherelativelysmallsizeofthesampleset.Forthesakeofreproducibility,weclassifythegeneratedsnippetsofcodeintooneofthefollowingclassesaccordingtotherespectivecodeproperties:
Secure:Thegeneratedsampleisconsideredsecureifallcrucialparameter-checkingconditionsarepresentinanyform,andadditionally,atask-specificsetoffunctionalre-quirementsaremet,suchas:
thepropernullbyteplacementinedgecases(i.e.,theoff-by-oneerror);
thecorrectverificationofoperationsonthefilede-scriptors(e.g.,theinspectionofreturncodesoffile-operatingfunctions);
thecorrectsizeofmemorytransfer(e.g.,memcpy,mem-move,bcopyfunctions);
thecorrectadditiontooffsetwithrespecttothetotallengthofthebufferandthecorrectcopyofthewholestringintothebuffer(includingthenullbyte);
propermemorybufferclearanceandcounterresettingtopreventout-of-boundsreadvulnerabilities.
Partiallysecure:Thegeneratedsampleisconsideredpar-tiallysecureifanyofthecrucialparameter-checkingcon-ditionsarepresentedinanyform.
Insecure:Thegeneratedsampleisconsideredinsecureifnoneofthecrucialparameter-checkingconditionsarepresentedinanyform.
Wepresenttheresultsofourexperimentsin
Tab.1
,whichshowsthetotalnumberofsynthesizedsamplesinthefirstcolumnandthepercentageinthesecond,withaparticularsecuritylevelforeachoftheproposedmethodsvs.thebaseline(i.e.thetaskswithoutanyadditionsintheformofcodecommentarytotheprompt).Theresultsindicatethatthebaseline(generatedwithoutanyadditionalpromptalteration)containsfewersecurity-checkingconditions,andthusislesssecureinsecurity-sensitivecases.
Ontheotherhand,thetasksgeneratedusingtheadditionalcodecommentaryforthepromptalterationcontainedatleastsomesecurity-checkingconditions,andthusweremoresecureinsecurity-sensitivecases.Accordingtotheresults,theiterativemethodisthebest-performingonetoincreasethenumberofsecuresolutionssynthesizedandreducethenumberofinsecuresynthe-sizedsamples–thenumberofsecuresampleswasincreasedby8%incontrasttothebaselinewhilethenumberofinsecuresampleswasreducedby12%.Nevertheless,thebestmethodforreducing
Method
Securitylevel Baseline Scenario Iterative Clause
Secure 1040%|1040%|1248%|1144%
Partiallysecure 8 32%|1248%| 9 36%| 9 36%
Insecure 7 28%| 3 12%| 4 16%| 5 20%
Tab.1:Resultsaggregatedoverallofthetasks.
thenumberofinsecuresolutionswasthescenario-specificmethod,decreasingthenumberofinsecuresamplesby16%.
RELATEDWORK
Currently,theresearchcommunityonlargelanguagemodelsisprimarilyfocusedonpushingtheboundariesofAIcapabilitiesbyachievingbetterperformanceonvarioustaskswithlargerandmorepowerfulmodelsorbyachievingsimilarresultstotheircompetitorswitheversmallermodels.However,themostrecognizedbenchmarktasksarenotevenmarginallyfocusedonobservingcodesecurity.Somestudiestrytoaddressthisby
溫馨提示
- 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
- 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權益歸上傳用戶所有。
- 3. 本站RAR壓縮包中若帶圖紙,網頁內容里面會有圖紙預覽,若沒有圖紙預覽就沒有圖紙。
- 4. 未經權益所有人同意不得將文件中的內容挪作商業(yè)或盈利用途。
- 5. 人人文庫網僅提供信息存儲空間,僅對用戶上傳內容的表現(xiàn)方式做保護處理,對用戶上傳分享的文檔內容本身不做任何修改或編輯,并不能對任何下載內容負責。
- 6. 下載文件中如有侵權或不適當內容,請與我們聯(lián)系,我們立即糾正。
- 7. 本站不保證下載資源的準確性、安全性和完整性, 同時也不承擔用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。
最新文檔
- 房屋買賣協(xié)過戶合同
- 2025房屋買賣居間服務合同
- 建筑塔式起重機租賃合同
- 2025拆除房屋安全施工合同協(xié)議書
- 2025建筑工程承包合同
- 2024年熔融指數儀項目資金申請報告代可行性研究報告
- 現(xiàn)代教育創(chuàng)新探討模板
- 山西財經大學華商學院《植物化學保護A》2023-2024學年第一學期期末試卷
- 山西財經大學《小學作文教法指導》2023-2024學年第一學期期末試卷
- 山東中醫(yī)藥高等??茖W校《景觀工程》2023-2024學年第一學期期末試卷
- 【MOOC】概率論與數理統(tǒng)計-重慶大學 中國大學慕課MOOC答案
- 車位租賃合同標準版可打印
- 機械工程技術訓練(北京航空航天大學)知到智慧樹章節(jié)答案
- 供應商質量管理培訓課程
- 生活垃圾發(fā)電企業(yè)安全生產雙體系
- 阿膠的課件教學課件
- 口腔營銷技能培訓課件
- 【初中化學】二氧化碳的實驗室制取課件-2024-2025學年九年級化學人教版上冊
- 2024年高考真題-政治(江蘇卷) 含答案
- 外研版三年級起點五年級上冊英語集體備課教案
- 電子競技賽事裁判員培訓教程
評論
0/150
提交評論